Account Security Warning: Mobile Armory and Battle.net Website

Blizzard

There’s been a recent increase in unauthorized World of Warcraft account-logins via our website and the World of Warcraft mobile armory app.

We’re in the process of notifying any account holders who were not using an authenticator and whose account showed signs of unauthorized access (e.g., logging in from an unusual IP address). If you are among this group, you will receive an email describing how to reset your account.

As a result of these activities, access to the World of Warcraft auction house via the mobile app has been taken off-line temporarily. Upon request, our customer support team will restore in-game items and gold for any accounts impacted.

While no means of account security is guaranteed, every precaution you take to secure your computer and your account—including changing your password periodically—adds another defensive barrier. We strongly encourage everyone to take a few moments to read through the security tips available on our support website and follow the suggestions posted there.

Comentarios

Comentario de mecheye

on 2013-06-25T01:44:53-05:00

Good to know they're doin' somethin'

Comentario de harpuiablade

on 2013-06-25T02:00:41-05:00

Usually changing your password every few months is the safe thing to do since most of the time the hackers have had your password on their database for a few months and changing your password nulls that list of "people to hack".

Comentario de Nyres

on 2013-06-25T02:13:59-05:00

Wonder what this means for those of us have physical authenticators and what not.

Comentario de laughingnome

on 2013-06-25T02:21:20-05:00

Always have a different password for every site and account you have. Using the same password everywhere is inviting trouble.

Comentario de Jkpman

on 2013-06-25T03:13:14-05:00

Good to know they're doin' somethin'

Yeah because it is all their fault people fail to secure their computers and DON'T buy an Authenticator.

Wonder what this means for those of us have physical authenticators and what not.

Yeah I'd be really worried if I hadn't actually read the post, you should try it.

We’re in the process of notifying any account holders who were not using an authenticator

Comentario de Hakunamatata

on 2013-06-25T03:14:45-05:00

Hope they put the mobile AH back up soon as it's the most convenient way to do auctions in many circumstances :(

Comentario de Nyres

on 2013-06-25T03:16:56-05:00

Good to know they're doin' somethin'

Yeah because it is all their fault people fail to secure their computers and DON'T buy an Authenticator.

Wonder what this means for those of us have physical authenticators and what not.

Yeah I'd be really worried if I hadn't actually read the post, you should try it.

We’re in the process of notifying any account holders who were not using an authenticator

I had I was just meaning I wonder if there's a greater security issue to worry about in the mean time that they aren't bringing up as to not instil panic.

Comentario de Jkpman

on 2013-06-25T03:33:55-05:00

I had I was just meaning I wonder if there's a greater security issue to worry about in the mean time that they aren't bringing up as to not instil panic.

Why would there be?An Authenticator is about as secure as you can be. And again.. It is not Blizzards responsibility to make sure YOU don't get phished and your account compromised.They do the best they can, which is basically warning people to be vigilant. Which should go without saying anyway.

Comentario de stormeagle6

on 2013-06-25T03:42:55-05:00

I had I was just meaning I wonder if there's a greater security issue to worry about in the mean time that they aren't bringing up as to not instil panic.

Why would there be?An Authenticator is about as secure as you can be. And again. It is not Blizzards responsibility to make sure YOU don't get phished and your account compromised.They do the best they can, which is basically warning people to be vigilant. Which should go without saying anyway.

I have an authenticator and they hacked me anyway, the same thing happened to thousands of people over the weekend. They managed to somehow use the mobile armory to circumvent authenticators, hence the current shutdown of the app.

It's not Blizzard's responsibility to make sure I don't compromise my account, but it is when they're the ones who got compromised.

Comentario de ElhonnaDS

on 2013-06-25T09:20:57-05:00

I have a guildie who has the authenticator on his smartphone, and who was hacked despite that 2 days ago after visiting a couple of wow sites on that phone. We thought it might have been raidfinder, but since they announced this, it's much more likely that it was the mobile armory. So it appears that people who DID go through the extra step of getting the authenticator are still being hacked because of this.

Comentario de AingealWroth

on 2013-06-25T11:14:44-05:00

Phone = wireless connection = more easily hacked, depending on where you are using the device.

Glad Blizz sent out notice, but more glad I am not wired into my phone, because O.O

Comentario de TheR0nin

on 2013-06-25T11:43:03-05:00

And suddenly I'm glad that I've temporarily had to stop paying to play my account. Can't hack an inactive account, can you? ;)

Seriously though, I'm glad that Blizz is at work on this. Hackers will always try to find a way in, and Blizz always finds a way to shut them down. (Outside of poor user practices, that is.)

Comentario de Deathpact

on 2013-06-25T11:59:30-05:00

every time i use mobile armory it locks my account and then i need to reset passwords ive just stopped using it altogether

Comentario de rabican1

on 2013-06-25T12:23:12-05:00

And suddenly I'm glad that I've temporarily had to stop paying to play my account. Can't hack an inactive account, can you? ;)

Seriously though, I'm glad that Blizz is at work on this. Hackers will always try to find a way in, and Blizz always finds a way to shut them down. (Outside of poor user practices, that is.)

I had an inactive account that got hacked. It was why I got the authenticator. I think it was after wrath, I played wrath for a while, got tired of the game and then unsubscribed. later I tried to reactivatge the account to come back for Cata. My account was banned and I had to call customer support to have the account reactivated. blizzard customer support said there was evidence that my account got hacked and that is why it was banned.

I got the account unlocked and Blizzard restored some of my characters and gear. The net effect was I had a whole bunch of level one toons on wierd servers with names like "jkmnj" and "wassdf". One of my characters , (my alchemist and herbalist) was a corpse in Netherstorm, all of his gear was red and his bags were completely full of herbs.

I figure the alchemist was used as a bot to farm herbs and the level ones were used to deliver gold to buyers.

Comentario de BosephHeyden

on 2013-06-25T19:17:20-05:00

I have one password for World of Warcraft. It's not shared with any other password I have, and it's not something someone could just guess. That should be all the security I need, and I certainly won't be paying Blizzard to buy an authenticator when their side is the one getting hacked.

Comentario de Tribunal

on 2013-06-25T20:39:48-05:00

their side is the one getting hacked.

This time vs. 1000s of other times. Probably approaching hundreds of thousands of other times.

You're obviously allowed to not get an authenticator (so far). I just think that's pretty poor reasoning. The times where it's Blizz side vs Player side (or at least not contributed to in part by Player side) are few and far between.

Comentario de TheWheatOne

on 2013-06-25T23:42:41-05:00

And suddenly I'm glad that I've temporarily had to stop paying to play my account. Can't hack an inactive account, can you? ;)

This is super ironic for me. I stopped my subscription for a while, during when MoP was coming out. I was hacked, and not only did they give me a subscription, they bought MoP for me and leveled me to 88. I also got a crap-ton of mats of all types. Best thing that ever happened to me.

Comentario de dtylertx

on 2013-06-26T00:49:46-05:00

if you feel that the authenticator is a gimmick to try and get money from you... i feel sorry for you but that is your right. Frankly, I think you're a fool though. try not to be too insulted.

Comentario de Nulgar

on 2013-06-26T01:42:56-05:00

Usually changing your password every few months is the safe thing to do since most of the time the hackers have had your password on their database for a few months and changing your password nulls that list of "people to hack".

This needs to be emphasized. There are rarely "sudden hacks" where thousands of innocent players get their account taken away, the hackers usually already have the login information through keyloggers installed maybe months before. They just wait for the right moment to strike.

Comentario de gugaimba

on 2013-07-01T10:31:26-05:00

Does anybody know if Blizz can tell us the ip address or where did came from a possible invasion on an account logged in? Cause one time, my account was closed after a message saying sth like "suspicious activity bla bla".